IT monopolies are racing to merge with the state: who is faster?

Over the past decades, we have somehow all gotten used to living in a cozy IT world – our own, closed world, practically devoid of flaws. And in this world, there was coffee in the mornings, smoothies for lunch, and unlimited taxi rides, often paid for directly by the employer. And it seemed like there were no problems at all. We chose new employers, changing them like gloves, and for each job change, we guaranteed a 10-30% salary increase.

But look around, times are changing. And in some countries, in some IT sectors, the changes have become irreversible.

What was once startups have become monopolies. What was previously competition has turned into monopolistic collusion and a lack of competition. What was once interest and creativity has turned into routine. What were once super-challenges and super-tasks, worth living for, have turned into a chore chase and, ultimately, the owners' profit. And it couldn't be any other way.

Because there was never any closed world. There was a general capitalist world with its objectively working laws, and we were always a part of it—a privileged part at a certain stage of development.

So, one of the laws of such a world's development is that monopolies and the state inevitably converge, intertwine, merge in a passionate, sucking kiss. And this mutual attraction is driven by objective economic interests.

In our today's IT industry, these processes are happening right now. No, they existed before, but in the last couple of years, or even months, everything has accelerated with a new, unprecedented speed. And our current industry leaders—Yandex, T-Bank, Ozon, and others—are racing to merge with the state, and the state is rushing to merge with them. And this is far from only happening in the Russian Federation.

On Monopolies

The process of production consolidation and competitive displacement of players naturally leads to the formation of monopolies. In the Russian Federation, search engines from Yandex, Rambler, Aport, and Nigma once competed—now only Yandex remains. In the United States, search engines from Google, Altavista, Yahoo, Excite, MSN, and many others once competed. Now the clear leader is Google, and Bing (MSN) and Yahoo are somehow still holding on. Moreover, Google has 89.79% of the global market, Bing has 3.93%, and Yahoo has a pitiful 1.27%.

In the market for PC and server processors—there are now only Intel and AMD, yet in the early stages there were also IBM, UMC, Cyrix, and countless other minor players. Intel and AMD together have effectively completely absorbed the entire FPGA (PLD) industry in recent years—Intel devoured Altera, while AMD swallowed Xilinx, and together these two companies controlled 85% of the global FPGA market as of 2022.

Some might think that if there is no situation where the market is captured by one large company, then there is no monopoly. They say, if there are several major players controlling the market—two, or three, or four—then it's fair competition. This is incorrect. Recall our homegrown MTS, MegaFon, and Beeline, and subjectively assess the absence of monopolistic collusion on a scale from 1 to 10. And objectively—the FAS has repeatedly recognized these wonderful companies as violators of antitrust legislation—not once, not twice, not three times, not four times, not five times, …...

Today a Minister—Tomorrow a Banker; Today a Banker—Tomorrow a Minister

This succinct phrase is over 100 years old. It is simply a short formulation of a law describing the phenomenon of the merger of big capital and the state. Namely:

  • Capital seeks to push its agents of influence, lobbyists, and assistants into government bodies.

  • Capital seeks to recruit individuals from government structures into its ranks in order to gain insider information and established connections that provide access to the right people, resources, contracts, etc.

  • Government officials are ready to switch from serving the state to serving big capital at the first opportunity. If they have certain merits before a specific business, it increases the likelihood of transition. Such service to capital guarantees an honorable, safe, and lucrative membership on the board of directors or in top management.

  • The state and big capital are closely connected, interpenetrating vessels. Connected and intertwined at the top level. Shared connections, relatives, and celebrations. In some countries, they even have common clubs, interest groups, and more.

There are many examples that demonstrate and prove this law. Here are some of them.

Robert Strange McNamara. From 1946 to 1961, he worked at Ford Motor Company - director of the financial department, vice president, and eventually president of the Ford concern. From 1961 to 1968, he was the US Secretary of Defense. From 1968 to 1981, he was the president of the World Bank.

Henry Paulson. From 1970 to 1972, he was an assistant to the US Secretary of Defense. From 1974 to 2006, he worked at Goldman Sachs, with his last position being CEO. From 2006 to 2009, he was the US Secretary of the Treasury.

Robert Rubin. From 1966 to 1992, he worked at Goldman Sachs, with his last position being CEO. From 1993 to 1995, he was an assistant to the US President on economic policy. From 1995 to 1999, he was the US Secretary of the Treasury.

Steven Mnuchin. From 1985 to 2002, he worked at Goldman Sachs, achieving the positions of Vice President and Director of Information Technology. Then, for many years, he led investment companies on Wall Street. From 2017 to 2021 – U.S. Treasury Secretary.

Rishi Sunak. In 2001, he started working at Goldman Sachs, then managed hedge funds, including serving as a director at the investment firm Catamaran Ventures. In 2019-2020, he held the post of Chief Secretary to the Treasury (Ministry of Finance) of the United Kingdom. 2020-2022 – Chancellor of the Exchequer of the United Kingdom. 2022-2024 – Prime Minister of the United Kingdom. Since 2025 – senior advisor at Goldman Sachs and simultaneously a senior advisor at Microsoft. Now there's a seasoned IT guy!

Someone might look at these examples and say: well, that's just in finance. Or someone might say: these are outdated examples, irrelevant today. Our modern IT guy is white and fluffy, clean from all that. But no. It's not like that in any country in the world right now. Let's start with the USA.

The Fusion of IT Capital with the State in the USA

Anthropic, OpenAI, Google, and xAI have signed contracts with the U.S. Department of Defense worth up to $200 million. The goal: to implement advanced generative artificial intelligence models into military and strategic operations. The companies face the task of developing prototypes of AI agents that can be directly integrated into military and organizational processes.

Military processes – for those who didn't get it – means mowing down people. Organizational processes – means relieving command and rank-and-file personnel of responsibility and moral suffering for pulling the trigger and pressing the "Start" button.

Top managers from Palantir, Meta*, and OpenAI have been granted the rank of lieutenant colonel in the U.S. Army. This includes Shyam Sankar - CTO of Palantir, Andrew Bosworth - CTO of Meta*, Kevin Weil - Chief Product Officer at OpenAI, and Bob McGrew - former Chief Scientist at OpenAI.

Even earlier:

Google removed the ban on using AI for military purposes from its principles.

Because money doesn't stink, especially if it's money from killings. And yet, at one time, the main slogan of this monopoly was "Don't be evil." Are there those who still remember this?

American Palantir signed an agreement worth $10 billion with the US Army to supply software and data over the next decade. The supplier has committed to helping the military increase efficiency in preparing for threats by consolidating 75 contracts into a single corporate contract.

This is their Maven software used in the war with Iran. In that very war that started with the strike on a school. Although not theirs alone…

According to a Wall Street Journal report, the US Central Command used Anthropic's Claude AI for "assessing intelligence, identifying targets, and simulating combat scenarios" during strikes on the country.

Yes, now, in hindsight, Anthropic's top management can tear their hair out over the multi-million dollar deals with the Pentagon made in the past, can ban whatever they want from whoever they want, but the fact remains: their software is being used right now and is helping to kill people, and they themselves sold it voluntarily, no one forced them. By the way, I raised this topic a few years ago, and human history is repeating itself in a spiral…

In late November 2020, the Central Intelligence Agency concluded a contract to create a commercial cloud enterprise with Amazon Web Services, Microsoft, Google, Oracle, and IBM. The C2E cloud contract will be worth tens of billions of dollars over the next 15 years. Under the contract, each company will be able to compete for specific tasks at various levels within the CIA and 16 other intelligence community agencies.

Earlier, Microsoft and Amazon clashed in court over the right to receive a $10 billion contract from the Pentagon.

Meta (the parent company of Facebook and Instagram), Alphabet (the parent company of Google and YouTube), Microsoft, ByteDance (the parent company of TikTok), X (formerly known as Twitter), and Snap (the parent company of Snapchat) joined forces to spend a staggering $61.5 million on lobbying in 2024 - an increase of almost 13% compared to their spending in 2023. And half of these companies - Meta, ByteDance, and Snap - spent record amounts.

Together, these six companies hired nearly 300 lobbyists in 2024 - or one for every two members of Congress.

What's interesting here is not only that Google and Microsoft are spending millions, but that even "non-commercial" OpenAI - the developer of ChatGPT - spent $1.8 million on lobbying in 2024.

The United States gained control over 10% of Intel. According to Trump, he negotiated the deal with the corporation's CEO Lip-Bu Tan, and the United States "paid nothing" for the shares worth $11 billion.

If the US government didn't pay anything in cash, it means the deal involves other negotiated perks that interested Intel. In any case, neither Intel nor the US government is in a hurry to disclose the details of the deal.

To wrap up the topic, I can't help but mention Sam Altman's clever two-step move. Follow my logic.

Summer 2025. One.

OpenAI offered US federal agencies a corporate version of ChatGPT for just $1 per year, aiming to accelerate the adoption of artificial intelligence in the country's public sector.

Autumn 2025. Two.

The developer of ChatGPT asked the US government to provide loan guarantees for a large-scale infrastructure expansion, which will ultimately cost over $1 trillion.

So, first they hook you on their product, and then they ultimatum-style demand astronomical sums from the state budget, or else. In 2008-2009, such ultimatums were issued by the most famous and successful commercial banks; now it's the most famous and successful IT companies. That's capitalism, kid!

I think the picture is clear regarding the money and contracts. And the personalities fit the picture, here are some examples:

Large companies in Russia hire GR specialists and maintain departments for relations with government authorities. And for specific tasks to promote their interests, businesses may hire external GR specialists. Contracts with them are often not publicized and not disclosed. There are cases when even the biographies of in-house GR specialists, their previous workplaces, are not publicly available.

Well, from the perspective of commercial monopolies (which, as is known, have made themselves exclusively on their own and in spite of everything), one can understand the desire to hide their connections with the state. But it's not always easy.

  • Alexei Kudrin. Deputy Chairman of the Government of the Russian Federation (2000—2004, 2007—2011), Minister of Finance of the Russian Federation (2000—2011), Chairman of the Accounts Chamber of the Russian Federation (May 22, 2018 — November 30, 2022). In 2018, he was one of the ideologues of the pension reform. Since 2022, he has been working as an advisor for corporate development at Yandex.

  • Pavel Demidov. From 2012–2016, he worked at the Foundation for Support of Civil Initiatives. In June 2018, he was appointed assistant to the Chairman of the Accounts Chamber, and in July — Director of the Department of External Communications. Since 2022, he has been working as the Head of GR at Yandex.

  • Dmitry Kim. From 2012-2021, he worked at Rostelecom. 2021-2023 - Deputy Minister of Digital Development, Communications and Mass Media of the Russian Federation. Since 2024 – top manager at Ozon, Vice President for Interaction with Public Authorities.

  • Sergey Kuchushev. Current Deputy Minister of Digital Development, Communications and Mass Media of the Russian Federation. Previously, he worked at Yandex for 12 years, and from 2019-2020 he was the Director for Relations with Government Agencies at the company Ozon.

  • Alexey Minaev. Director for Strategic Development at Wildberries since 2024. Previously, he was Deputy Director of Ozon since 2021. Before that, he worked for 11 years at the Ministry of Economic Development, including three years as Deputy Head of the Department for Digital Economy Development.

  • Elena Zaeva. A career employee of the FAS – she worked there from 2004 to 2024, with her last position being Head of the Department for Regulation of Communications and Information Technologies of the FAS. Since 2024 - Deputy Managing Director of Ozon.

  • Sergey Belyakov. Managing Director of Ozon from 2021-2024. Earlier, from 2012–2014, he was Deputy Head of the Ministry of Economic Development.

The examples I have given are from the world of the most independent, commercial IT capital there is. But there are also many such IT monopolies where there is openly a significant share of state participation (ownership) – these are VK, Gazprombank, Sber, Rostelecom. This does not at all mean that the listed companies are fully state-owned – in them, private and state shares are mixed, and shareholders are intertwined beyond recognition. They are united by one thing – they operate under the laws of capitalism. Sberbank will not lend to your business at a low rate, even if it is very beneficial to society. Instead, Sberbank wants profit. Both commercial and state shareholders want this. VK will not push educational videos about nuclear physics or anthropology into your feed. Instead, it will slip you news about rich kids and TP, because it believes there is more profit in those. And both the commercial shareholders of VK and the state agree with this.

How to measure who integrates with the state faster?

As mentioned, IT monopolies are in no hurry to disclose their ties with the state, about orders, contracts, lobbying. The state is not obligated to disclose information, and the IT business intimidates employees with NDA agreements, often illegal ones. But if you still want to find out and quantitatively measure this connection, what technical tool could be used that would help?

Surprisingly – the state itself will help. And – the mechanisms of static analysis and decompilation.

As we all know, on March 30, the head of the Ministry of Digital Development, Maksut Shadayev, held a meeting with the heads of the largest Russian platforms. More than 20 companies were represented at the meeting: "Sberbank", "Yandex", VK, Wildberries & Russ, Ozon, "Gazprom-Media", "Avito", X5, 2GIS, ivi, Wink, HeadHunter, "Litres", CIAN, Lamoda, and others. The agency demanded that companies restrict access to their services for users with enabled VPN by April 15.

These companies, without any hesitation, exceeded the regulator's request ahead of schedule. Yes, how did they do it? They overfulfilled it by a wide margin. Although they could have underperformed, they could have openly struck a pose, they could have complained about the loss of profits, they could have cited a lack of competence in this matter. Yes, they could have done many things. But they didn't do that. Instead, they overachieved the plan. And moreover, they did it ahead of time.

This is stated by RKS Global research on testing 30 popular Russian Android applications. The goal is to find out how they detect VPN. It turned out that applications of IT monopolies not only detect VPN but also monitor users.

The authors of the research write that they used static APK analysis: decompilation via apktool and jadx, search for 80 checkpoints in 12 categories. The application versions were current as of early April 2026 and were taken from RuStore and Google Play stores. It is emphasized that only static analysis was conducted, without dynamic testing on a device.

Based on the results, application ratings were compiled.

Application rating by depth of VPN surveillance

Application

Detection methods

What it does

Yandex Browser

4

TRANSPORT_VPN + /proc/net/tcp + tun0 +
Tor detection + →server

Yandex Maps

4

TRANSPORT_VPN + /proc/net/tcp + tun0 +
proxy

VK

3

TRANSPORT_VPN + tun0 + proxy + →server

My MTS

3

TRANSPORT_VPN + tun0 + proxy + →server

Sberbank Online

3

TRANSPORT_VPN + tun0 + proxy + →server
(setVpn() in clickstream)

T Bank

3

/proc/net/tcp + tun0 + →server
(isVpnConnected in fingerprint)

VK Video

2

TRANSPORT_VPN + proxy + →server

Wildberries

2

tun0 + proxy

Kinopoisk

2

TRANSPORT_VPN + tun0 + →server

Ozon

2

TRANSPORT_VPN + proxy + →server

Samokat

2

TRANSPORT_VPN + tun0 + →server

RuStore

2

TRANSPORT_VPN + proxy + →server

VTB Online

2

TRANSPORT_VPN + tun0 + →server
(is_vpn_on in NetworkSettingsDto)

Yandex Music

2

/proc/net/tcp + tun0

VK Music

2

TRANSPORT_VPN + tun0 + →server (is_vpn
in each stat-event)

Avito

1

TRANSPORT_VPN + →server

Alfa-Bank

1

proxy + →server

2GIS

1

TRANSPORT_VPN + →server

MegaMarket

1

tun0 + →server

Odnoklassniki

1

TRANSPORT_VPN + →server

MAX

1

TRANSPORT_VPN + →server

Rutube

1

tun0 + →server (VpnStatusResponse API

The toughest applications based on surveillance (rating by number of successful checks out of 68)

#

Application

Rating

Score

VPN

VPN → Server

Main detection method

1

T-Bank Bank

RED

65/68

3

yes

Searches for Frida via
/proc/net/tcp:27042,
isVpnConnected in fingerprint

2

MegaMarket Marketplace

RED

65/68

1

yes

GPS every 2 seconds, Group-IB
SDK, contacts+SMS-call log

3

VKontakte Social Network

RED

64/68

3

yes

IMEI/IMSI via reflection
(bypass for Android 10,
contacts sync)

4

Odnoklassniki Social Network

ORANGE

64/68

1

yes

DeviceAdmin hidden in the
"emoji" module

5

Sberbank Online Bank

RED

64/68

3

yes

Touches:
X/Y/pressure/size, VPN
in clickstream

6

Yandex Browser Browser

RED

63/68

4

yes

Tor-detection + vpn_enabled
in telemetry + WhoCalls

7

Yandex Maps Navigation

ORANGE

60/68

4

?

VPN-detection in native
code (not SDK)

8

VTB Online Bank

RED

59/68

2

yes

is_vpn_on in
NetworkSettingsDto → diagnostics server

9

Rutube Video

ORANGE

57/68

1

yes

Fraud-SDK sends a list
of applications +
VpnStatusResponse API

10

Alfa-Bank Bank

ORANGE

56/68

1

yes

Kaspersky SDK reads ALL
notifications

11

My MTS Telecom

RED

56/68

3

yes

ACCESS_SUPERUSER in
manifest, MTS GEO SDK

12

Ozon Marketplace

RED

56/68

2

yes

247 banks + contacts in JSON
→ WebView

13

Wildberries Marketplace

RED

55/68

2

?

Background clipboard interception +
full call log

14

Yandex Food
Delivery

RED

54/68

2

yes

List of VPN apps —
in food delivery

15

Kinopoisk
Streaming

ORANGE

53/68

2

yes

vpn_enabled + GPS
sent to server

16

RuStore
App Store

RED

53/68

2

yes

App store monitors
VPN

17

Yandex Music
Music

ORANGE

53/68

2

?

Frida-detection in music
player

18

VK Music
Music

ORANGE

52/68

2

yes

tun0 + TRANSPORT_VPN, is_vpn
in every event,
russian_trusted_root_ca

19

VK Video
Video

ORANGE

51/68

2

yes

3 SDKs search for VPN, contacts →
vk.com

20

2GIS
Navigation

ORANGE

51/68

1

yes

80 banks + contacts via
JNI → native code

21

Gosuslugi
Government Services

ORANGE

51/68

Timing of button presses in gov.
app

22

Zen
Media

ORANGE

49/68

GPS every 2 seconds for the news feed

23

Yandex Eda
Delivery

ORANGE

48/68

Triple geolocation: GPS +
towers + WiFi

24

Avito
Classifieds

ORANGE

46/68

1

yes

200 foreign packages in queries
manifest

25

MAX
Messenger

ORANGE

46/68

1

yes

VPN names obfuscated with
byte arrays

26

MegaFon
Telecom

ORANGE

41/68

Contacts are uploaded every
24 hours

27

Yandex Market
Marketplace

ORANGE

40/68

is_rooted in every
HTTP request

28

Mail Mail.ru
Mail

ORANGE

40/68

Server decides which
applications to search for

29

Yandex Go
Taxi

ORANGE

39/68

No VPN/root detection —
the only one out of 30

30

Mir Pay
Payments

ORANGE

35/68

99% of the code is hidden behind
libprotector.so

Banking apps overall proved to be the most aggressive group: in the top-20, "T-Bank" (65 points), "Sberbank Online" (64), VTB (59) made the list. All of them transmit VPN status to their servers, use advanced device fingerprinting, and detect reverse engineering tools.

Among the most non-trivial findings from the experts' report, the following can be highlighted:

  • "T-Bank", "Alfa-Bank", "2GIS", "Yandex Eda", MegaMarket, "My MTS", "Odnoklassniki", "Gosuslugi", Rutube, "Sberbank Online", and Yandex Music intercept dispatchTouchEvent() — every screen tap with coordinates, pressure, and timestamp. Meanwhile, "Sberbank" stores TouchData objects with pressure, size, x, y fields. What is this, if not behavioral biometrics? If so, it allows identifying a person by their tap pattern even without a login.

  • The Avito app lists over 200 foreign packages in the block of its manifest: banks, marketplaces, social networks, competitors. The app can determine which of them are installed on the device.

  • "T-Bank", "Yandex Browser", Yandex Music, and "Yandex Maps" actively search for traces of Frida — a dynamic analysis tool — by reading /proc/net/tcp looking for port 27042. Essentially, the apps check if someone is analyzing them right now.

Separately, the study authors also discuss permissions that apps obtain without user interaction — so-called install-time permissions, granted automatically at installation. All 30 apps in the sample request RECEIVE_BOOT_COMPLETED and FOREGROUND_SERVICE. Together, this means the app automatically launches every time the phone is turned on and runs in the background constantly. Additionally, 12 apps also request REQUEST_IGNORE_BATTERY_OPTIMIZATIONS, meaning the system cannot "sleep" them. It is emphasized that this entire infrastructure is deployed before the user clicks "Allow" on anything.

The RKS Global study was published no later than April 10 of this year, while the order from the Ministry of Digital Development was issued on March 30. The gap – 8 business days.

Conclusions

Our world today is a world of monopolies. It has been for a long time. The IT industry is no exception. The close connection between monopoly top management and government officials (in all countries of the world) is no secret. The intertwining of shares, interests of big business, and state interests has long been a reality. RKS Global study helps to understand how close the behavior of commercial monopolies is to that of the state, and in which aspects it even surpasses it. The rating of apps based on surveillance capabilities reports that ahead of the entire planet are not the universally suspected Max and not Gosuslugi (they are in the third dozen – at the end of the list), but – surprisingly – T-Bank, Sberbank, Alfa-Bank, VKontakte, Yandex, VTB. Also striking is the speed at which 'non-surveilling' apps have turned into 'surveilling' ones. Worthy of attention is also the absence of any dissent, discussions, debates, and questions from the large IT capital.

If anyone has doubts about something and the role of large private business seems insignificant, I suggest remembering that the installation of deep packet inspection (DPI) systems on the networks of telecom operators in Russia was carried out by a private company, and it was led not by a KGB officer or a person in uniform, but by a career employee of such IT giants as Ericsson, Nokia, and Huawei. And now he works as a top manager at Beeline (VimpelCom).

Comments

    Also read